DNS Protection

Secure your DNS connection against cyberattacks, get total visibility into web usage, and enforce acceptable web usage policies to reduce security risk.

Get Started Now

What is DNS Protection?

Before we talk about DNS security, you need to understand the DNS. The domain name system (DNS) works like a phone book for the internet. When a user enters text into a browser, DNS servers take that input and translate it into the unique internet protocol (IP) addresses that let the browser open the desired site. But DNS protocols were never designed with security in mind, and are highly vulnerable to cyberattacks, such as cache poisoning, DDoS, DNS hijacking, botnets, C&C, man-in-the-middle, and more.

By redirecting users’ web traffic through a cloud-based, DNS security solution, businesses and MSSPs can finely tune and enforce web access policies, ensure regulatory compliance, and stop 88% of threats at the network’s edge—before they ever hit the network or endpoints.

Why businesses need DNS protection

Uncontrolled internet access is a high-risk activity for any business, regardless of size. Faced with today’s sophisticated attacks, endpoint security alone is no longer enough to stay safe from modern cybercrime. In fact, a recent report from EfficientIP found that 77% of businesses around the world suffered at least one DNS cyberattack in 2018. What’s even more worrying: on average, businesses got hit with as many as seven attacks throughout the year.

Per the report, the average cost of a single attack was £550,000. When you do the math, it’s clear how DNS Protection for servers, endpoints, and other networked devices could make all the difference to a business’ success (and survival).

Skip the hardware and software

This fully cloud-based, secure, and resilient service takes just minutes to set up. Protect your DNS connection, network, and users from cyberattacks.

Get detailed reports 
on-demand

Drill down into reports on all threats the business would've been susceptible to without DNS Protection in place, and get full visibility into risk and usage.

Enable policies by group, device, IP

Control internet usage for your users using pre-configured and custom policies by group, device or network.

Block threats at the domain level

Over 80 URL categories give you granular, policy-based control to automatically block dangerous and questionable sites (such as Malware and Adult) or unwanted sites (such as streaming media).

Reduce costs relating to infections

DNS filtering stops up to 88% of web-borne malware at the domain layer, so it never reaches your network. It saves you time and money, while also minimising unproductive web usage.

Apply leading web classification

Webroot® threat intelligence backs all Webroot products, and is trusted by over 100 leading technology vendors to enhance their services.

Built for the Internet of Tomorrow

Our DNS agent was built for the future, supporting IPv6, the next generation of internet protocol. This means you can protect your users with DNS security on modern networks, like public hotspots, for long into the future. As adoption of the new protocol continues to rise, it becomes increasingly essential your network protection can handle this type of traffic.

Did you know...

DNS Protection also keeps users safe in the following scenarios:

Roaming and VPN Users

DNS Protection secures your mobile workforce without interfering
with the VPNs, firewalls, and other network security tools you already use.

WiFi Hotspots

Secure WiFi hotspots with DNS Protection for Guest WiFi to keep your guests, customers, and reputation safe.

DNS Protection Now Running on the Google Cloud Platform

Webroot® DNS Protection recently moved to the Google Cloud Platform (GCP) for increased security, performance, and reliability. It now runs on the Google Cloud’s high-redundancy, low-latency networks in 16 regions worldwide to maximize performance. Our DNS protection also benefits from Google's built-in DoS prevention and mitigation, which enables us to stop attack traffic before it hits the agent core. And because regional deployments can auto-scale with spikes in traffic, even drastically increasing loads won’t increase wait times for requests.